<?php
session_start();
include "class.Validator.php";

if($_POST)
	{
		if(isset($_POST['login']) && $_POST['login'] && isset($_POST['pwd']) && $_POST['pwd'])
		{
			$val = new Validator();
			
			if(!$val->validPasswd($_POST['pwd'],$_POST['login']))
			{
				$error_mess = 'Špatné heslo';	
			}
			if(!$error_mess)
			{		
				$connection = mysql_connect('localhost', 'panospet', 'meipei2c');
				if (!$connection) {
				    die('Could not connect: ' . mysql_error());
				}
				
				mysql_query("SET NAMES utf8");
				mysql_select_db("panospet");
				$new_pwd = SHA1($_POST['pwd'].'sůl&ěščřžýáíé');		
				$query = "SELECT * FROM ukol7_users WHERE login = '".$_POST['login']."'
					AND pwd = '".$new_pwd."'";
				$result = mysql_query($query);
				if (!$result) {
				    die('Chyba ve spusteni dotazu: ' . mysql_error());
				}
				mysql_close($connection);
				
				$existuje = mysql_fetch_assoc($result);
				if($existuje)
				{
					$_SESSION['id'] = $existuje['id'];
					$_SESSION['login'] = $existuje['login'];
					$_SESSION['pwd'] = $existuje['pwd'];					
					$_SESSION['email'] = $existuje['email'];
					echo "<meta http-equiv='refresh' content='0;url=index.php?cmd=2'>";
					
				}
				else
				{
					$error_mess = "Špatné přihlašovací údaje.";
				}
			}
		}
		else
		{
			$error_mess = 'Nebyla vyplněna všechna pole.';	
		}
	}
	if($error_mess)
	{
		echo "<p>".$error_mess."</p>";	
	}

?>

<form method="post">
    <table>
        <tr>
            <td><label for="login"> Login </label></td>
            <td><input type="text" name="login" id="login"></td>
        </tr>
        <tr>
            <td><label for="pwd"> Heslo </label></td>
            <td><input type="password" name="pwd" id="pwd"></td>
        </tr>
        <tr>
            <td colspan="2"><input type="submit" value="Přihlásit"></td>
        </tr>
    </table>
</form>
